SSCP questions with correct answers

Electronic Code Book (ECB) Correct Answer-A mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value, and vice versa
ECB Correct Answer-Which block cipher mode is MOST susceptible to plaintext attacks?
Salting Correct Answer-Random data that is used as an additional input to a one-way function that "hashes" data, a password or passphrase. Used to safeguard passwords in storage.
Hash Correct Answer-A number generated by an algorithm from a text string. Also known as a message digest.
Structured Walk-Through Test Correct Answer-Representatives from each department come together and review/discuss DRP scenarios to ensure accuracy and to make changes if needed
Simulation Test Correct Answer-a method of testing a BCP or DRP in which a business interruption is simulated, and the response team responds as if the situation were real
Checklist Test Correct Answer-Copies of the plan are handed out to each functional area for examination to ensure the plan properly deals with the area's needs and vulnerabilities.
Full-Interruption Test Correct Answer-One in which regular operations are stopped and processing is moved to the alternate site.
SESAME Correct Answer-Offers sophisticated single sign-on with added distributed access control features and cryptographic protection of interchanged data
Code of ethics Correct Answer-a formal statement of ethical principles and rules of conduct
SDN (Software Defined Networking) Correct Answer-aims at separating the infrastructure (hardware) layer from the control layer - directly programmable from a central location, flexible, vendor neutral, based on open standards. - basically just "network virtualization" - allows data transmission paths, comm decision trees, flow control to be virtualized
Lessons Learned Correct Answer-The knowledge gained during a project which shows how project events were addressed or should be addressed in the future with the purpose of improving future performance.
Incident Response Correct Answer-The response of an organization to a disaster or other significant event that may significantly impact the organization, its people, or its ability to function productively.
Private Key Correct Answer-An asymmetric encryption key that does have to be protected.
Public Key Infrastructure (PKI) Correct Answer-the system for issuing pairs of public and private keys and corresponding digital certificates
Known plaintext attack Correct Answer-Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext.
Wassenaar Arrangement Correct Answer-Established to contribute to regional and international security and stability by promoting transparency and greater responsibility in transfers of conventional arms and dual-use goods and technologies, thus preventing destabilizing accumulations.
Fuzzing Correct Answer-a technique of penetration testing that can include providing unexpected values as input to an application to make it crash
Chain of Custody Correct Answer-A list of all people who came into possession of an item of evidence
SDLC Phases Correct Answer-1. Planning 2. Analysis 3. Design 4. Development 5. Testing 6. Implementation 7. Maintenance
SDLC Correct Answer-Software Development Life Cycle
Incremental backup Correct Answer-A type of partial backup that involves copying only the data items that have changed since the last partial backup. This produces a set of incremental backup files, each containing the results of one day's transactions
Differential backup Correct Answer-A type of partial backup that involves copying all changes made since the last full backup. Thus, each new differential backup file contains the cumulative effects of all activity since the last full backup.
Salvage Team Correct Answer-Responsible for starting the recovery of the original site
Business Impact Analysis (BIA) Correct Answer-An exercise that determines the impact of losing the support of any resource to an organization, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and supporting systems.
Security Impact Analysis Correct Answer-The analysis conducted by an organizational official to determine the extent to which changes to the information system have affected the security state of the system.
Risk Assessment Correct Answer-evaluation of the short-term and long-term risks associated with a particular activity or hazard
Non discretionary access control Correct Answer-Access decisions are based on an individual's roles and responsibilities within an organization.
RBAC (Role Based Access Control) Correct Answer-A "real-world" access control model in which access is based on a user's job function within the organization.
Restoration team Correct Answer-Responsible for getting the alternative site into a functioning environment
Damage assessment team Correct Answer-It is responsible for assessing current situation and determining if RTO can be met.
Bollards Correct Answer-strong posts on a pier or wharf for holding a ship's mooring ropes
CCTV (closed circuit television) Correct Answer-This is a detective control that provides video surveillance. Video surveillance provides reliable proof of a person's location and activity. It can be used by an organization to verify if any equipment or data is being removed.
ACL Correct Answer-Access Control List
IDS/IPS Correct Answer-Intrusion Detection System / Intrusion Prevention System
host-based firewall Correct Answer-A firewall that only protects the computer on which it's installed.
host-based IDS Correct Answer-An IDS system that primarily uses software installed on a specific host such as a web server.
Risk Mitigation Correct Answer-a process whereby the organization takes concrete actions against risks, such as implementing controls and developing a disaster recovery plan
Risk Acceptance Correct Answer-A risk response strategy whereby the project team decides to acknowledge the risk and not take any action unless the risk occurs.
Risk Transference Correct Answer-A risk response strategy whereby the project team shifts the impact of a threat to a third party, together with ownership of the response.
L2TP (Layer 2 Tunneling Protocol) Correct Answer-UDP 1701
Border router Correct Answer-a device that connects an organization's information system to the internet
Modem Correct Answer-Communications hardware device that facilitates the transmission of data.
Switch Correct Answer-A computer networking device that connects network segments
Bus Correct Answer-The paths, or lines, on the motherboard on which data, instructions, and electrical power move from component to component.
LUN Masking Correct Answer-It is a process that provides data access control by defining which LUNs a host can access.
Supernetting Correct Answer-Allows multiple networks to be specified by one subnet mask
VLAN Tagging Correct Answer-Adds a header changing the underlying frame
Sandboxing Correct Answer-Using a virtual machine to run a suspicious program to determine if it is malware.
Password Policy Correct Answer-A collection of settings to control password characteristics such as length and complexity.
One-Way Trust Correct Answer-A trust relationship in which one domain trusts another, but the reverse is not true.
Two-way trust Correct Answer-A domain relationship in which both domains are trusted and trusting, enabling one to have access to objects in the other.
OWASP (Open Web Application Security Project) Correct Answer-An organization that maintains a list of the top 10 errors found in web applications.
ISACA Correct Answer-Issues standards, guidance, and procedures for conducting information system audits
External trust Correct Answer-A one-way, nontransitive trust that is established with a Windows NT domain or a Windows 2000 domain in a separate forest.
QoS (Quality of Service) Correct Answer-A set of parameters that controls the level of quality provided to different types of network traffic.
POP3 (Post Office Protocol version 3) Correct Answer-A protocol used for retrieving email from a mailbox on the mail server. Port 110
SMTP (Simple Mail Transfer Protocol) Correct Answer-A communications protocol that enables sending email from a client to a server or between servers. Port 25
Trusted Computing Base (TCB) Correct Answer-A collection of all the hardware, software, and firmware components within a system that provide security and enforce the system's security policy.
TPM (Trusted Platform Module) Correct Answer-A chip on the motherboard used with software applications for security. It can be used with Windows BitLocker Drive Encryption to provide full-disk encryption and to monitor for system tampering.
Service Level Agreement (SLA) Correct Answer-Part of a service contract where the service expectations are formally defined.
BYOD (bring your own device) Correct Answer-The practice of allowing users to use their own personal devices to connect to an organizational network.
Network Access Control (NAC) Correct Answer-The set of standards defined by the network for clients attempting to access it. Usually, NAC requires that clients be virus free and adhere to specified policies before allowing them on the network.
VoIP (Voice over Internet Protocol) Correct Answer-This technology is used to make telephone calls via the Internet usually at a cheaper cost
SRTP (Secure Real-Time Transport Protocol) Correct Answer-A security profile for RTP that adds confidentiality, message authentication, and replay protection to that protocol. Used to secure VoIP traffic. Has minimal effect on the IP quality of the VoIP service.
RTO - Recovery Time Objective Correct Answer-The maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable.
TCO (Total Cost of Ownership) Correct Answer-An economic measure of the full cost of owning a product (typically computing hardware and/or software). Includes direct costs such as purchase price, plus indirect costs such as training, support, and maintenance.
Chinese Wall Model Correct Answer-An access control model used to help prevent a conflict of interest. Data is classified based on conflict of interest classes. Users who have access to one class are denied access to data in conflicting classes. Also known as the Brewer-Nash model.
Bell-LaPadula Model Correct Answer-A combination of DAC and MAC, primarily concerned with the confidentiality of the resource. Two security properties define how information can flow to and from the resource: the simple security property and the * property
Clark-Wilson Model Correct Answer-Real-world integrity model that protects integrity by having subjects access objects via programs.
Biba Model Correct Answer-An access control model used to ensure integrity. It uses two primary rules: no read down and no write up. Compare to Bell-LaPadula model.
Community cloud Correct Answer-serves a specific community with common business models, security requirements, and compliance considerations
Public Cloud Correct Answer-Provides cloud services to just about anyone
Private Cloud Correct Answer-serves only one customer or organization and can be located on the customer's premises or off the customer's premises
Hybrid Cloud Correct Answer-includes two or more private, public, or community clouds, but each cloud remains separate and is only linked by technology that enables data and application portability
NIST SP 800-53 Correct Answer-Its primary goal and objective is to ensure that appropriate security requirements and security controls are applied to all U.S. Federal Government information and information management systems.
e-discovery Correct Answer-The process of identifying and retrieving relevant electronic information to support litigation efforts.
false positive Correct Answer-error of recognition in which people think that they recognize some stimulus that is not actually in memory
false negative Correct Answer-Assessment error in which no pathology is noted (that is, test results are negative) when one is actually present.
Key Recovery Information Correct Answer-KRI
Remote wipe Correct Answer-Remotely erases all contacts, email, photos, and other data from a device to protect your privacy.
XOR Correct Answer-the Boolean operator that corresponds with an Exclusive Or operation
Overt channel Correct Answer-A communications path, such as the Internet, authorized for data transmission within a computer system or network.
Covert Channel Correct Answer-An information flow that is not controlled by a security control.
Stealth Correct Answer-Type of Virus that avoids detection by modifying its file size
brute force attack Correct Answer-the password cracker tries every possible combination of characters
Rainbow Table Attack Correct Answer-attempts to discover the password from the hash using databases of precomputed hashes; countermeasure is salting